📢 Arkanix Stealer: a C++/Python infostealer in a MaaS model analyzed by Kaspersky
📝 According to Securelist (Kaspersky), researchers analyzed "Arkanix Stealer", an infostealer in **C++ and Python** operated as **MaaS** with a control panel, configurable modules...
📖 cyberveille: https://cyberveille.ch/posts/2026-02-25-arkanix-stealer-un-infostealer-c-python-en-modele-maas-analyse-par-kaspersky/
🌐 source: https://securelist.com/arkanix-stealer/119006/
#IOC #MaaS #Cyberveille
Arkanix Stealer: a C++/Python infostealer in a MaaS model analyzed by Kaspersky

According to Securelist (Kaspersky), researchers analyzed "Arkanix Stealer", an infostealer in C++ and Python operated as MaaS with a control panel, configurable modules and a referral program. Discovered via forum advertisements in October 2025, it operated for several months before the panel and the Discord were taken down around December 2025. The tool targeted a broad range of data, from the system to browsers, as well as Telegram, Discord, VPNs and sensitive files.

CyberVeille

📢⚠️ New #ZeroDayRAT malware is being sold on Telegram, targeting Android and iOS devices with real-time monitoring, location tracking, surveillance and crypto theft tools.

Read: https://hackread.com/zerodayrat-malware-monitoring-android-ios-devices/

#Cybersecurity #Malware #Android #iOS #MaaS #Spyware

New ZeroDayRAT Malware Claims Full Monitoring of Android and iOS Devices

ZeroDayRAT malware targets Android and iOS devices, offering surveillance, tracking, and crypto theft tools via a Telegram-based MaaS service.

Hackread - Cybersecurity News, Data Breaches, AI and More

Arkanix Stealer targets a variety of data, offers a MaaS referral program

Pulse ID: 699bd8aeddae3bbaef634e1b
Pulse Link: https://otx.alienvault.com/pulse/699bd8aeddae3bbaef634e1b
Pulse Author: Tr1sa111
Created: 2026-02-23 04:33:50

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #InfoSec #MaaS #OTX #OpenThreatExchange #bot #Tr1sa111

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

Arkanix Stealer Targets Browsers via Dual Implementation

Arkanix Stealer is a MaaS infostealer with both C++ and Python implementations.

Pulse ID: 699b559757b9fda783b4d450
Pulse Link: https://otx.alienvault.com/pulse/699b559757b9fda783b4d450
Pulse Author: cryptocti
Created: 2026-02-22 19:14:31

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #CyberSecurity #InfoSec #InfoStealer #MaaS #OTX #OpenThreatExchange #Python #bot #cryptocti


TrustConnect = RAT disguised as RMM.
Discovered by Proofpoint.
Technical observations:
• Centralized multi-customer C2
• API-driven agent registration (/api/agents/register)
• WebSocket RDP streaming
• EV certificate abuse (revoked Feb 6, 2026)
• Branded payload generation per org token
• Rapid infra pivot → “DocConnect” (SignalR integration)
Subscription model: $300/month via BTC/USDT.
Operators tracked victims across tenants.
This is MaaS evolving toward operational maturity — automation, AI-assisted site generation, and SaaS-style lifecycle management.

How should defenders adjust detection logic when malware is digitally signed and infrastructure rotates quickly?

Source: https://www.proofpoint.com/us/blog/threat-insight/dont-trustconnect-its-a-rat

Engage below.
Follow TechNadu for technical threat intelligence coverage.

#ThreatIntelligence #ReverseEngineering #MalwareResearch #RAT #MaaS #SOC #DFIR #CyberOperations #DetectionEngineering

(Don't) TrustConnect: It's a RAT in an RMM hat

A new malware-as-a-service (MaaS) called TrustConnect has been discovered masquerading as a legitimate remote monitoring and management (RMM) tool. The malware, classified as a remote access trojan (RAT), uses a fake business website as its command and control center and MaaS portal. Priced at $300 per month, it offers features like a web-based C2 dashboard, automated payload generation with digital signatures, and remote desktop capabilities. The malware has been distributed through various email campaigns, often alongside legitimate RMM tools. Proofpoint researchers identified links between TrustConnect's creator and previous users of Redline stealer. The emergence of this new MaaS demonstrates the ongoing evolution of the cybercrime market and the thriving ecosystem of RMM abuse.

Pulse ID: 6996efa6c7a901cbcb67660e
Pulse Link: https://otx.alienvault.com/pulse/6996efa6c7a901cbcb67660e
Pulse Author: AlienVault
Created: 2026-02-19 11:10:29

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberCrime #CyberSecurity #Email #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #Proofpoint #RAT #RedLine #RedlineStealer #RemoteAccessTrojan #Rust #Trojan #bot #AlienVault


Arkanix Stealer targets a variety of data, offers a MaaS referral program

Arkanix Stealer, a newly discovered malware operating under a Malware-as-a-Service model, targets a wide range of user data including cryptocurrencies, gaming, and online banking information. The stealer, available in both Python and C++ versions, offers configurable features and employs various techniques to evade detection. It can extract data from multiple browsers, VPNs, and gaming platforms, as well as capture screenshots and RDP connection details. The malware authors promoted their product through a Discord server and implemented a referral program to attract customers. The campaign appears to have been short-lived, with infrastructure taken down around December 2025.

Pulse ID: 6996efa6979db417fed4193b
Pulse Link: https://otx.alienvault.com/pulse/6996efa6979db417fed4193b
Pulse Author: AlienVault
Created: 2026-02-19 11:10:30

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Bank #Browser #CyberSecurity #Discord #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #Python #RAT #RDP #VPN #bot #AlienVault


This campaign reinforces a critical shift: infostealers are no longer just credential hunters - they’re context harvesters.

AI agents storing plaintext memories, tokens, and configs create a rich target set for commodity malware. Once a host is compromised, attackers don’t need exploits - just file access.

Source: https://www.infostealers.com/article/ai-agents-most-downloaded-skill-is-discovered-to-be-an-infostealer/

💬 How should AI agent data be classified in security models?
🔔 Follow TechNadu for threat-focused, non-sensational analysis

#InfoSec #ThreatModeling #AIrisk #Infostealers #EndpointSecurity #MaaS #TechNadu

**Maas finds Eurovision withdrawal regrettable but understandable**

Cornald Maas finds it regrettable, but understands AVROTROS's decision to withdraw from the Eurovision Song Contest. Maas, who provided the commentary for the broadcaster during the festival, did make an effort to try to "stay on as long as possible". According to him, ...

https://www.rtl.nl/boulevard/artikel/5563578/maas-vindt-terugtrekking-songfestival-jammer-maar-begrijpelijk

#Maas #terugtrekking #Songfestival

Maas finds Eurovision withdrawal regrettable but understandable

Cornald Maas finds it regrettable, but understands AVROTROS's decision to withdraw from the Eurovision Song Contest. Maas, who provided the commentary for the broadcaster during the festival, did make an effort to try to "stay on as long as possible". According to him, athletes, musicians, singers and actors are "never guilty" of a country's political policy. "That is also the case here," he told ANP on Wednesday evening ahead of the musical West Side Story at Carré Amsterdam.

RTL Boulevard

🔌 There are young people in Mallorca who show off their electric car because they pay less than if it ran on petrol.

🤑 We raise the stakes: with a bicycle, public transport and electric #carsharing you can save even more!

Article in @diariomallorca:

➡️ https://url.pangea.org/m2601je

#Mobilitat #Sostenible #Bicicleta #Bici #TransportPúblic #Mallorca #MaaS

Pau Carbonell, young man with an electric car: "It's a long-term investment, you can save about 1,000 euros a year"

For years, limited range was one of the main obstacles to opting for an electric car. But the situation has changed notably: the most modern models reach between 500 and 600 kilometres, which makes Mallorca an ideal territory because of its short distances. "They used to be very different. The first electric cars were very expensive and barely reached 200 kilometres of range. Going to Capdepera and back was practically impossible," recalls Pau Carbonell.

Diario de Mallorca